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DETAILED ACTION 

Response to Amendment 

This office action is in response to request of reconsideration and argument filed on 
November 15, 2004. Applicant currently amended claims 1-3,5, and 8-14. Applicant added new 
claims 15-22. The amendment filed have been entered and made of record. Presently pending 
claims are 1-22. 

Therefore, presently Claims 1-22 are pending for further consideration. 

Response to Arguments 

Applicant's arguments filed on November 15, 2004 have been fully considered but they 
are not persuasive because of the following reasons: 

Regarding Claims 1-22 applicants argued that the cited prior art (CPA) [Hayes 
(U. S. Patent 6,339,826)] does not teach, "a context switch is performed in response to a 
detection of an operational problem or that any request for changing from one sate of alleged 
security profile to another is provided in response to an operational problem". 
This is not found persuasive. Cited prior art clearly teaches system and method for a list of 
applications to which the user has access permission, and objects corresponding to each 
application in the list are downloaded. The objects when selected by the user, a request for 
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downloading corresponding application to the user station are outputted to server. Log-on 
request including user identifier is received at the server from a user station. The server uses the 
users log-on identifier to build a list of applications for which the user has access permission. 
Therefore, the system of prior art provides common repository for configuration information for 
users and applets in client-server environment. Allows user to login from any computer in the 
system at any time and have it configured automatically at run time according to preferences 
stored for the user at the server. Prevents user from winding up with applications configured on 
desktop to which user does not have access by testing each application access preference set by 
user against the application permission present on server. 

As a result, the system of cited prior art provides a system and method for automatically 
implementing a security profile that has been previously implemented within the computer 
system. 

Applicants clearly have failed to explicitly identify specific claim limitations , which 
would define a patentable distinction over prior arts. 

The examiner is not trying to teach the invention but is merely trying to interpret the claim 
language in its broadest and reasonable meaning. The examiner will not interpret to read 
narrowly the claim language to read exactly from the specification, but will interpret the claim 
language in the broadest reasonable interpretation in view of the specification. Therefore, the 
examiner asserts that cited prior art does teach or suggest the subject matter broadly recited in 
independent and dependent claims. Accordingly, rejections for Claims 1-22 are respectfully 
maintained. 
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Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 35 1(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 2 1 (2) of such treaty in the English language. 

Claims 1-22 are rejected under 35 U.S.C. 102(e) as being anticipated by Hayes et al, hereinafter 
Hayes (USP 6,339,826). 

As per claims 1, 8, and 9, Hayes teaches: memory (Fig 2, element 212), and a security 
application configured to lock down resources of said computer system (col. 19, lines 50-55) by 
modifying a machine state of said computer system in response to a request for activating an 
original state of a security profile for a user, said security application configured to store data 
indicative of said machine state in said memory (col. 17, lines 60-64), said security application 
configured to modify said machine state (col. 20, lines 1-5) in response to a request for activating 
a new state of said security profile for said user (col. 12, lines 34-46, col.7 lines 62-63), said 
security application configured to retrieve said data in response to a request for recovering said 
original state of said security profile and to modify said machine state based on said retrieved 
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data thereby activating said original state of said security profile for said user (col. 7, lines 67 
col. 8, lines 5). 

As per claim 22, Hayes teaches memory (Fig 2, element 212), and a security application 
configured to define a security profile for controlling access to at least one resource of said 
computer system (col. 19, lines 50-55), said security application configured to activate an 
original state of said security profile and to store data indicative of said original state in said 
memory(col. 17, lines 60-64), said security application further configured to activate a new state 
of said security profile (col 7, lines 62-64), col.20 lines 1-5) in response to a user request(col. 
12, lines 34-46), said security application further configured to enable a user to undo an error in 
defining said new state by allowing said user to initiate activation of said original state based on 
said data (col. 7, lines 67 col. 8, lines 5, col. 19 line 16 to line 26). 

As per claims 2 and 10, Hayes teaches said security application includes default data defining 
default levels of security (col. 7, line 16), wherein said security application enables a user to 
select one of said default levels of security (col. 7, lines 16-19), and wherein said security 
application is configured to modify said machine state in response to said request for activating 
said original state of said security profile based on said selected default level of security (col. 17, 
lines 60-64). 

As per claims 3 and 1 1, Hayes teaches said security application defines a plurality of rules for 
locking down said computer system (col. 7, Lines 17-18), wherein said security application 
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configured to enable ones of said rules based on which of said default levels is selected by said 
user (col. 7, lines 54-55), and wherein said security application is further configured to cause said 
computer system to enforce each enabled rule within said plurality of rules by modifying said 
machine state in response to said request for activating said original state of said security profile 
(col. 19, lines 50-55). 

As per claims 4 and 12, Hayes teaches said security application enables said user to change 
which of said rules are enabled (col. 7, lines 16-17). 

As per claims 5 and 13, Hayes teaches memory (Fig 2, element 212), and a security application 
defining a plurality of said rules (col. 7, lines 18-19), said security application configured to 
enable a user to select a set of said rules to define an original state of a security profile for a user 
(col. 7, lines 17), said security application configured to lock down said computer system by 
causing said computer system to enforce said selected set of rules in response to an activation 
request (col. 19,lines 50-55), said security application further configured to store data indicative 
of said original state of said security profile (col. 17, lines 60-64), said security application 
configured to change said security profile for said user from said original state to a new state by 
changing which of said plurality of rules are enforced by said computer system based on inputs 
to said computer system (col. 12, Lines 33-40), said security application configured to retrieve 
said data in response to a user request and to automatically identify said set of rules based on said 
retrieved data (col. 17, Lines 65-66), said security application further configured to return said 
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security profile for said user to said original state thereby causing said computer system to 
enforce said identified rules in response to said user request (col. 19, line 53). 

As per claims 6 and 14, Hayes teaches said security application is further configured to define 
multiple sets of default data (col. 7, Lines 15-16), each of said sets of default data identifying 
different ones of said rules as being enabled for enforcement (col. 7, Lines 17-18), said security 
application configured to enable said user to select one of said sets of default data and to 
determine which of said rules are selected for inclusion into said selected set of rules based on 
which of said rules are indicated as enabled (col. 7, Lines 54-65). 

As per claim 7, Hayes teaches said security application enables said user to change which of said 
rules are indicated as being enabled (col. 7, lines 16-17). 

As per claim 15, Hayes teaches said original state grants access to a particular resource of said 

computer system based on a user identifier, and wherein said new state denies 

access to said particular resource based on said user identifier (col.20 line 36 to line 45). 

As per claim 16, Hayes teaches an operating system configured to read said machine state 
modified by said security application and to control access to at least one resource of said 
computer system based on said machine state (col.20 line 55 to line 61). 
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As per claim 17, Hayes teaches said machine state read by said operating system comprises a 
flag indicative of whether access to said at least one resource is restricted (col. 14 line 54 to col. 
151ine 5). 

As per claim 18, Hayes teaches said operating system is configured to analyze, in response to 
said flag, data indicating which users are authorized to access said at least 
one resource (col. 14 line 50 to col. 15 line 5). 

As per claim 19, Hayes teaches said security application, by activating said original state in 
response to said request for recovering said original state, enables said user to undo an error in 
defining said new state of said security profile for said user (col 19 line 16 to line 26). 

As per claim 20, Hayes teaches detecting an operational problem caused by activation of said 
new state of said security profile; and providing said request for recovering said original state of 
said security profile in response to said detecting (col. 19 line 16 to line 26, and col. 9 line 30 to 
line 41). 

As per claim 21, Hayes teaches said storing is in response to said request for activating said 
original state of said security profile (col. 9 line 13 to line 15 and col. 9 line 30 to line 41). 



Conclusion 
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Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1. 136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Syed Zia whose telephone number is 571-272-3798. The 
examiner can normally be reached on 9:00 to 5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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